The information security management standard (ISMS), ISO/IEC 27001, provides a significant implementation challenge for all organisations. A significant number of the controls to be applied will, of necessity, be technical and will relate to how IT hardware and software are set up and configured. As a result, there is often a gulf in understanding as to what is required between the ISO27001 ISMS project manager and those responsible for implementing the technical controls. A step-by-step guide through the journey of ...
Read More
The information security management standard (ISMS), ISO/IEC 27001, provides a significant implementation challenge for all organisations. A significant number of the controls to be applied will, of necessity, be technical and will relate to how IT hardware and software are set up and configured. As a result, there is often a gulf in understanding as to what is required between the ISO27001 ISMS project manager and those responsible for implementing the technical controls. A step-by-step guide through the journey of implementing ISO27001 Implementing ISO27001 in a Windows(r) Environment does an outstanding job of helping parties on both sides to bridge the gulf. It identifies the recommended technical controls of ISO27001 s Annex A and, for a Microsoft environment, provides guidance on how (if, on the basis of a risk assessment, they are considered necessary) to implement them. This book fills a major hole in the guidance literature for ISO27001 and makes a significant contribution to helping both project managers and IT and security staff get to grips with what controls are appropriate to mitigate identified risks. It is designed as a step-by-step guide through the journey of implementing ISO27001 in a Microsoft(r) Windows(r) environment.
Read Less
